Results 1  10
of
29
Computing Hilbert class polynomials with the Chinese Remainder Theorem
, 2010
"... We present a spaceefficient algorithm to compute the Hilbert class polynomial HD(X) modulo a positive integer P, based on an explicit form of the Chinese Remainder Theorem. Under the Generalized Riemann Hypothesis, the algorithm uses O(D  1/2+ɛ log P) space and has an expected running time of O ..."
Abstract

Cited by 34 (3 self)
 Add to MetaCart
(Show Context)
We present a spaceefficient algorithm to compute the Hilbert class polynomial HD(X) modulo a positive integer P, based on an explicit form of the Chinese Remainder Theorem. Under the Generalized Riemann Hypothesis, the algorithm uses O(D  1/2+ɛ log P) space and has an expected running time of O(D  1+ɛ). We describe practical optimizations that allow us to handle larger discriminants than other methods, with D  as large as 1013 and h(D) up to 106. We apply these results to construct pairingfriendly elliptic curves of prime order, using the CM method.
MODULAR POLYNOMIALS VIA ISOGENY VOLCANOES
, 2010
"... We present a new algorithm to compute the classical modular polynomial Φl in the rings Z[X, Y] and (Z/mZ)[X, Y], for a prime l and any positive integer m. Our approach uses the graph of lisogenies to efficiently compute Φl mod p for many primes p of a suitable form, and then applies the Chinese R ..."
Abstract

Cited by 26 (7 self)
 Add to MetaCart
(Show Context)
We present a new algorithm to compute the classical modular polynomial Φl in the rings Z[X, Y] and (Z/mZ)[X, Y], for a prime l and any positive integer m. Our approach uses the graph of lisogenies to efficiently compute Φl mod p for many primes p of a suitable form, and then applies the Chinese Remainder Theorem (CRT). Under the Generalized Riemann Hypothesis (GRH), we achieve an expected running time of O(l3 (log l) 3 log log l), and compute Φl mod m using O(l2 (log l) 2 + l2 log m) space. We have used the new algorithm to compute Φl with l over 5000, and Φl mod m with l over 20000. We also consider several modular functions g for which Φ g l is smaller than Φl, allowing us to handle l over 60000.
EXPLICIT CMTHEORY FOR LEVEL 2STRUCTURES ON ABELIAN SURFACES
"... Abstract. For a complex abelian surface A with endomorphism ring isomorphic to the maximal order in a quartic CMfield K, the Igusa invariants j1(A), j2(A), j3(A) generate an unramified abelian extension of the reflex field of K. In this paper we give an explicit geometric description of the Galois ..."
Abstract

Cited by 10 (1 self)
 Add to MetaCart
Abstract. For a complex abelian surface A with endomorphism ring isomorphic to the maximal order in a quartic CMfield K, the Igusa invariants j1(A), j2(A), j3(A) generate an unramified abelian extension of the reflex field of K. In this paper we give an explicit geometric description of the Galois action of the class group of this reflex field on j1(A), j2(A), j3(A). Our description can be expressed by maps between various Siegel modular varieties, and we can explicitly compute the action for ideals of small norm. We use the Galois action to modify the CRT method for computing Igusa class polynomials, and our run time analysis shows that this yields a significant improvement. Furthermore, we find cycles in isogeny graphs for abelian surfaces, thereby implying that the ‘isogeny volcano ’ algorithm to compute endomorphism rings of ordinary elliptic curves over finite fields does not have a straightforward generalization to computing endomorphism rings of abelian surfaces over finite fields. 1.
CLASS INVARIANTS BY THE CRT METHOD
, 1001
"... Abstract. We adapt the CRTapproach to computing Hilbertclass polynomials to handle a wide range of class invariants. Forsuitable discriminantsD, this improves its performance by a large constant factor, more than 200 in the most favourable circumstances. This has enabled recordbreaking construction ..."
Abstract

Cited by 9 (2 self)
 Add to MetaCart
(Show Context)
Abstract. We adapt the CRTapproach to computing Hilbertclass polynomials to handle a wide range of class invariants. Forsuitable discriminantsD, this improves its performance by a large constant factor, more than 200 in the most favourable circumstances. This has enabled recordbreaking constructions of elliptic curves via the CM method, including examples with D > 10 15. 1.
Computing endomorphism rings of elliptic curves under the GRH
 Journal of Mathematical Cryptology
"... We design a probabilistic algorithm for computing endomorphism rings of ordinary elliptic curves defined over finite fields that we prove has a subexponential runtime in the size of the base field, assuming solely the generalized Riemann hypothesis. Additionally, we improve the asymptotic complexity ..."
Abstract

Cited by 7 (4 self)
 Add to MetaCart
(Show Context)
We design a probabilistic algorithm for computing endomorphism rings of ordinary elliptic curves defined over finite fields that we prove has a subexponential runtime in the size of the base field, assuming solely the generalized Riemann hypothesis. Additionally, we improve the asymptotic complexity of previously known, heuristic, subexponential methods by describing a faster isogenycomputing routine. 1
Accelerating the CM method
 Department of Pure Mathematics, University of New South
"... ar ..."
(Show Context)
Computing (ℓ,ℓ)isogenies in polynomial time on Jacobians of genus 2 curves
, 2011
"... In this paper, we compute ℓisogenies between abelian varieties over a field of characteristic different from 2 in polynomial time in ℓ, when ℓ is an odd prime which is coprime to the characteristic. We use level n symmetric theta structure where n = 2 or n = 4. In a second part of this paper we ex ..."
Abstract

Cited by 6 (3 self)
 Add to MetaCart
(Show Context)
In this paper, we compute ℓisogenies between abelian varieties over a field of characteristic different from 2 in polynomial time in ℓ, when ℓ is an odd prime which is coprime to the characteristic. We use level n symmetric theta structure where n = 2 or n = 4. In a second part of this paper we explain how to convert between Mumford coordinates of Jacobians of genus 2 hyperelliptic curves to theta coordinates of level 2 or 4. Combined with the preceding algorithm, this gives a method to compute (ℓ, ℓ)isogenies in polynomial time on Jacobians of genus 2 curves.
Pairing the volcano
 In Algorithmic Number Theory Symposium—ANTS IX
, 2010
"... Abstract. Isogeny volcanoes are graphs whose vertices are elliptic curves and whose edges are `isogenies. Algorithms allowing to travel on these graphs were developed by Kohel in his thesis (1996) and later on, by Fouquet and Morain (2001). However, up to now, no method was known, to predict, befo ..."
Abstract

Cited by 5 (3 self)
 Add to MetaCart
(Show Context)
Abstract. Isogeny volcanoes are graphs whose vertices are elliptic curves and whose edges are `isogenies. Algorithms allowing to travel on these graphs were developed by Kohel in his thesis (1996) and later on, by Fouquet and Morain (2001). However, up to now, no method was known, to predict, before taking a step on the volcano, the direction of this step. Hence, in Kohel's and FouquetMorain algorithms, we take many steps before choosing the right direction. In particular, ascending or horizontal isogenies are usually found using a trialanderror approach. In this paper, we propose an alternative method that efficiently finds all points P of order ` such that the subgroup generated by P is the kernel of an horizontal or an ascending isogeny. In many cases, our method is faster than previous methods. 1
Improved Algorithm for the Isogeny Problem for Ordinary Elliptic Curves
 Applicable Algebra in Engineering, Communication and Computing
"... ar ..."
(Show Context)